CVE-2026-6290

< 0.76.3

Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user'

8.0HIGH

CVE-2026-5329

<= 0.75.6

Rapid7 Velociraptor versions prior to 0.76.2 contain an improper input validation vulnerability in the client monitoring message

8.5HIGH

CVE-2025-14728

< 0.75.6

Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to uplo

6.8MEDIUM

CVE-2025-6264

< 0.74.3

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything a

5.5MEDIUM

CVE-2023-5950

< 0.6.9-1

Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability. This vulnerability allow

8.6HIGH

CVE-2023-2226

< 0.6.8

Due to insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows attacker to c

3.3LOW

CVE-2023-0290

< 0.6.7-5

Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal

4.3MEDIUM

CVE-2023-0242

< 0.6.7-5

Rapid7 Velociraptor allows users to be created with different privileges on the server. Administrators are generally allowed to ru

8.8HIGH

CVE-2022-35632

< 0.6.5-2

The Velociraptor GUI contains an editor suggestion feature that can display the description field of a VQL function, plugin or art

4.8MEDIUM

CVE-2022-35631

< 0.6.5-2

On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to anoth

5.5MEDIUM

CVE-2022-35630

< 0.6.5-2

A cross-site scripting (XSS) issue in generating a collection report made it possible for malicious clients to inject JavaScript c

6.1MEDIUM

CVE-2022-35629

< 0.6.5-2

Due to a bug in the handling of the communication between the client and server, it was possible for one client, already registere

5.4MEDIUM

CVE-2021-3619

< 0.6.0

Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentication persistent cross-site scripting (XSS) issue, where an a

3.5LOW

CVE-2005-0817

all versions

Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and

CVE-2004-0369

all versions

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1

CVE-2002-1463

all versions

Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, an

CVE-2002-2317

all versions

Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of servi

CVE-2002-2294

all versions

Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000

CVE-2002-0990

all versions

The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and

CVE-2002-0538

all versions

FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows